
# Set up repoze.who configuration data structure.
#   This code was modified from
#   http://static.repoze.org/whodocs/narr.html#module-repoze.who.middleware
# Please see that page for additional documentation.

import os
import sys
import logging
from StringIO import StringIO
from repoze.who.middleware import PluggableAuthenticationMiddleware
from repoze.who.interfaces import IIdentifier
from repoze.who.interfaces import IChallenger
from repoze.who.plugins.basicauth import BasicAuthPlugin
from repoze.who.plugins.auth_tkt import AuthTktCookiePlugin
from repoze.who.plugins.form import RedirectingFormPlugin
from repoze.who.plugins.htpasswd import HTPasswdPlugin

# find the user/password file in the same directory at ./htpasswd
htfilename = os.path.split(os.path.abspath(__file__))[0] + "/htpasswd"
htfile = file(htfilename)

# the passwords are in clear text
def cleartext_check(password, hashed):
    print "checking cleartext", (password, hashed)
    return password == hashed

# use the htpasswd file to find user names and passwords
htpasswd = HTPasswdPlugin(htfile, cleartext_check)

# allow HTTP basic authentication.
basicauth = BasicAuthPlugin('repoze.who')

# also allow auth_tkt based authentication
auth_tkt = AuthTktCookiePlugin('secret00', 'auth_tkt')

# use the repoze.who redirecting form plugin for challenges and identification
form = RedirectingFormPlugin('login_url', '/login_handler_path',
                             '/logout_handler_path', rememberer_name='auth_tkt')

# set up the form classifications
form.classifications = {
    IIdentifier:['browser'],
    IChallenger:['browser']
    }

# the repoze.who identifiers
identifiers = [
    ('form', form),
    ('auth_tkt',auth_tkt),
    ('basicauth',basicauth)
    ]

# the repoze.who authenticators
authenticators = [('htpasswd', htpasswd)]

# the repoze.who challengers
challengers = [
    ('form',form),
    ('basicauth',basicauth)
    ]

# no metadata providers, please.
mdproviders = []

# use default classifiers and deciders
from repoze.who.classifiers import default_request_classifier
from repoze.who.classifiers import default_challenge_decider

# log to standard output if WHO_LOG is set in the os.environ
log_stream = None
import os
if os.environ.get('WHO_LOG'):
    log_stream = sys.stdout

def whoTestRootApplication(path="/"):
    from whiff import resolver
    from whiff.middleware import displayTraceback
    import whotest
    
    # create the root application
    testapp = resolver.moduleRootApplication(path, whotest,
                             exception_middleware=displayTraceback.__middleware__,
                             on_not_found=None, # show traceback (could comment)
                             )
    # set up all the repoze.who resources at standard
    # resource prefixes.

    # these MUST be defined for the plugin to work:
    testapp.registerStaticResource(prefix="who.identifiers",
                               resourceValue=identifiers)
    testapp.registerStaticResource(prefix="who.authenticators",
                               resourceValue=authenticators)
    testapp.registerStaticResource(prefix="who.challengers",
                               resourceValue=challengers)

    # these are optional:
    testapp.registerStaticResource(prefix="who.mdproviders",
                               resourceValue=mdproviders)
    testapp.registerStaticResource(prefix="who.classifier",
                               resourceValue=default_request_classifier)
    testapp.registerStaticResource(prefix="who.challenge_decider",
                               resourceValue=default_challenge_decider)
    testapp.registerStaticResource(prefix="who.log_stream",
                               resourceValue=log_stream)
    testapp.registerStaticResource(prefix="who.log_level",
                               resourceValue=logging.DEBUG)
    return testapp

if __name__=="__main__":
    # script interpretation: launch the app in a server at port 8888
    import wsgiref.simple_server
    testapp = whoTestRootApplication()
    print "serving whotest at 8888"
    srv = wsgiref.simple_server.make_server('localhost', 8888, testapp)
    srv.serve_forever()
                    
